| Page(s) : 1 ... 700 701 702 703 704 705 706 707 708 709 [710] 711 712 713 714 715 716 717 718 719 720 ... | Result(s) : 299944 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2025-03-20 | CVE-2024-9606 | cve | In berriai/litellm before version 1.44.12, the `litellm/litellm_core_utils/litellm_logging.py` file contains a vulnerability where the API key masking code only masks the first ... |
| 6.5 | 2025-03-20 | CVE-2024-9612 | cve | In danswer-ai/danswer v0.3.94, administrators can set the visibility of pages within a workspace, including the search page. When the search page is set to be invisible, regular... |
| N/A | 2025-03-20 | CVE-2024-9617 | cve | An IDOR vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to view any files. The application does not verify whether the attacker is the creator of the file, allowi... |
| 5.4 | 2025-03-20 | CVE-2024-9699 | cve | A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a f... |
| N/A | 2025-03-20 | CVE-2024-9701 | cve | A Remote Code Execution (RCE) vulnerability has been identified in the Kedro ShelveStore class (version 0.19.8). This vulnerability allows an attacker to execute arbitrary Pytho... |
| N/A | 2025-03-20 | CVE-2024-9840 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-53981. Notes: All CVE users should reference CVE-2024-53981 inste... |
| N/A | 2025-03-20 | CVE-2024-9847 | cve | FlatPress CMS version latest is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow an attacker to enable or disable plugins on behalf of a victim user. The attac... |
| N/A | 2025-03-20 | CVE-2024-9880 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| 6.1 | 2025-03-20 | CVE-2024-9900 | cve | mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user inp... |
| N/A | 2025-03-20 | CVE-2024-9901 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-48057. Notes: All CVE users should reference CVE-2024-48057 inste... |
| N/A | 2025-03-20 | CVE-2024-9919 | cve | A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/{app_name} API... |
| 8.8 | 2025-03-20 | CVE-2024-9920 | cve | In version v12 of parisneo/lollms-webui, the 'Send file to AL' function allows uploading files with various extensions, including potentially dangerous ones like .py, ... |
| N/A | 2025-03-20 | CVE-2025-0182 | cve | A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlett... |
| N/A | 2025-03-20 | CVE-2025-0183 | cve | A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of binary-husky/gpt_academic version 3.9.0. This vulnerability allows an attacker to i... |
| N/A | 2025-03-20 | CVE-2025-0184 | cve | A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10.2. The vulnerability occurs in the 'Create Knowledge' section when up... |
| 8.8 | 2025-03-20 | CVE-2025-0185 | cve | A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the... |
| N/A | 2025-03-20 | CVE-2025-0187 | cve | A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data... |
| N/A | 2025-03-20 | CVE-2025-0188 | cve | A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response li... |
| 7.5 | 2025-03-20 | CVE-2025-0189 | cve | In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very l... |
| 7.5 | 2025-03-20 | CVE-2025-0190 | cve | In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of `Text` objects and then querying them simultaneously through the web A... |
| Page(s) : 1 ... 700 701 702 703 704 705 706 707 708 709 [710] 711 712 713 714 715 716 717 718 719 720 ... | Result(s) : 299944 |
